Course Search Results

Found 70 courses tagged with "Think 2018".

This video and hands-on lab provide a real business user experience by guiding you through tasks typically performed by a line-of-business manager who uses BM Identity Governance and Intelligence (IGI) to manage accesses for his team members.

This
course demonstrates how IBM i2 Enterprise Insight Analysis (EIA) and
IBM i2 Analyst's Notebook can enrich the analysis of an IBM QRadar
offense by curating and importing data from several disparate sources
into the EIA Information Store. In this use case, data from multiple
sources is imported into i2 Analyst's Notebook where you use link
analysis to uncover connections and networks among different entities as
well as behavior patterns.

Among the topics that you will cover in this course are:

Using the Offense Investigator app to bring a QRadar offense into i2 Analyst's Notebook (ANB) and expanding on an offense

Connecting to (EIA) from i2 Analyst's Notebook to to find data using Search and Visual Search tools from the Home toolbar

Using Expand and Expand with Conditions to bring linked items from the EIA Information Store into an ANB chart to visualize connections

In this two part lab, you
learn how to configure MaaS360 Cloud Extender’s Certificate Integration module
to integrate with a Microsoft CA to provision identity certificates for mobile
devices. After you set up the Certificate Integration module, you configure the
Enterprise Gateway module to use identity certificates for authentication.

The Advanced Access Control (AAC) functionality of IBM Access Manager is not enabled by default. The AAC module must be purchased and activated to enable this functionality.This lab provides procedures to activate and configure the Advanced Access Control module.Access Manager appliance has a built-in live mobile demonstration application that is useful for demonstrating the AAC use cases. This lab also covers the steps to enable the live demo application.

IBM Access Manager provides OAuth 2.0 token introspection endpoint to support functions specified in RFC7662. The OAuth clients can use this endpoint to query the OAuth authorization server and request details about the access tokens issued by the server. For example, determining if the token is still active or accessing additional information about the token.This lab demonstrates how to configure and use the OAuth 2.0 token introspection endpoint.

Certification campaigns are a formal process that automates the periodic review of a given relationship. They enable critical access decisions by nontechnical line of business managers.IGI supports five different certification campaign types.

Certification campaigns are created and configured by the IGI Administrator in Access Governance Core, and then executed by reviewers, using the Service Center.This lab lets you practice a complete and fully functional user assignment certification campaign.

This lab covers how to use the user certificates issued by a trusted authority for the client certificate authentication. It also demonstrates step-up authentication using client certificate as a second level of authentication.

IBM Access Manager supports device fingerprinting to allow tracking of a user across multiple devices and browsers.This lab provides steps to configure Advanced Access Control policies to register a client device or browser using one-time password (OTP) sent to a user's email address.The user is allowed access once OTP verification is complete.The lab demonstrates silent and consent-based device registrations. It also covers how administrators and end users can manage device fingerprints.

In this
lab, you learn how to implement context-based access (CBA) using FORM (POST) parameters. You configure an access policy
that detects high-value transactions based on a certain POST parameter
in a web form and prompts for step-up authentication. The step-up
authentication requires the users to provide a counter-based HMAC
one-time password (HOTP).

You generate the OTP either using the OTP
Generator demo application provided in the lab or by using a mobile app on
your phone, for example, IBM Verify or Google Authenticator.

In this lab, you learn how to implement context-based access for a mobile application using REST (JSON) parameters. You configure an access policy that detects high-value transactions using a certain attribute in the JSON payload and prompts for step-up authentication. The step-up authentication requires the users to provide a time-based one-time password (TOTP).You generate the OTP either using the OTP Generator demo application provided in the lab or by using a mobile app on your phone, for example, IBM Verify or Google Authenticator.

In this lab you create a replication topology. You do this by creating and configuring directory server instance idspeer2 that will serve as a second master in the peer to peer replication. (first master is idspeer1. You also create and configure a standalone instance idsalone that will be a forwarder from idsrepl1 and a partial replica of the o=sample subtree.

For each incoming event and flow, QRadar SIEM evaluates rules to test
for indicators that suggest an attack or policy violation. In this
lab, you learn how to create custom rules, building blocks, custom
event properties, and a reference set to detect an example suspicious
activity.

IBM provides comprehensive data encryption capabilities to help protect your data whereever it resides—on-premises, in the cloud, in multiple clouds, or in hybrid environments. This session will focus on IBM Multi-Cloud Data Encryption, specifically for cloud and hybrid data protection. Learn how to configure policies for file and folder encryption, as well as how to deploy agents to encrypt and decrypt data.

A follow up to John Adams Open Mic on Full Guardium Appliances, John spends time answering audience questions on that and other topics: Rebooting the appliance, issues with fixes, vulnerabilities, the Discovery engine, high CPU, and various other issues.

This Open Mic Live session was originally broadcast from Think 2018 19-March-2018

John
Adams from Guardium Technical Support delivers this Open Mic LIVE at
the 2018 Think conference. Part fire extinguisher, part lifejacket, and
part how to avoid getting burned in the first place, the information in
this Open Mic will help keep you out of trouble and possibly rescue you
in the case of full appliance issues.

The IBM Security App Exchange is a collaborative platform that can help integrate and utilize the collective knowledge of security professionals through code sharing. The App Exchange offers enhancements and integration between IBM Security products, and can include other security vendors, such as Trend Micro, Cisco, Qualys, and so on.The majority of the security integration offerings today is available for the IBM® QRadar® product line. The IBM Security App Exchange provides an expanded hub of QRadar content. IBM QRadar provides a RESTful API that allows access to the QRadar resources and data.

This lab guide demonstrates the tools that can help you to develop new apps for QRadar. You can use two type of tools for your app development:

In production environments, it is not uncommon for enterprise firewall rules to be put in place that accidentally step on another team’s requirements, or for desktop clients to be updated and close ports that were once open. This exercise simulates a network change that disrupts some endpoint management services by re-enabling the Windows firewall and disabling specific rules. It also walks you through troubleshooting methods to identify such communication outages.

In this scenario, managed clients that are successfully registered and managed are no longer updating in the Console. In this lab, you will force the environment to fail, generate updates for the endpoints, diagnose why the clients are not updating, and remediate the issue.

In this lab, a patch is deployed to a client but fails on a specific client. Once investigated, it appears that the file used by the patch exists in the download cache on the server, but is corrupted You will replace the corrupted patch and verify that BigFix applies it.

In this scenario, it is determined from practical use that the BigFix server that has license updates, subscribed sites, and content within those sites is no longer able to update content. You check various aspects of the server and its connectivity to determine the root cause.

This lab demonstrates bidirectional integration of IBM® QRadar® SIEM
and IBM® Guardium®. QRadar SIEM collects the logs from various devices
in enterprise networks. The logs are received through connectors called
Device Support Module (DSM). QRadar has a DSM for Guardium. That DSM
enables QRadar to receive and process logs from Guardium.

Alternatively,
Guardium has an API that provides an option for QRadar to react to
certain events detected by QRadar, and send Guardium those commands to
adjust the database policy to properly react to the event. For example,
if QRadar detects that the source IP from an internal network is
communicating with an IP address classified as the Botnet Server, it can
send a command to Guardium to block any access to the database from the
same IP address. The call from QRadar to Guardium can be done using the
Custom Actions feature of QRadar or using IBM Security Directory
Integrator® (IDI) that acts as the proxy; transforming various events
from QRadar into Guardium API calls.

This IDI solution uses custom
developed code that IBM provides as-is without any support and
maintenance commitments. You can download the code from the Security
Learning Academy in the Additional Resources section of this course.

In this course, you will learn about ingesting data into the i2 Analyze Information
Store. This covers how to populate staging tables, how to create a
mapping file, as well as, how to run the data ingestion command.

An IBM i2 Enterprise Insight Analysis (EIA) system comprises of a number of components that you must configure before data can be ingested. Staging tables have to be created and mapping files will need to be defined in order to ingested data into the
Information Store. EIA comes with example files and data to assist with these tasks as well as ingestion commands to get data into the Information Store.

This is a standalone lab, that will walk you through exercises needed to manually import data into iBase and search for that data via the Base Connector.

i2 Enterprise Insight Analysis (EIA) is an enterprise intelligence analysis solution that facilitates information sharing and intelligence production. This course will cover the deployment of an EIA product, specifically the process of updating and deploying a custom schema.

You will also learn how to edit or update an existing schema using the Schema Designer. This course will also walk you through the process of ingesting data in the EIA Information Store from an external data source.

In this course, you will deploy IBM i2 Analyze, which is part of the Enterprise Insight Analysis (EIA) solution. i2 Analyze provides the collaboration and search services in EIA. You will create an example Opal deployment that includes the Information Store that is connected to use the i2 Analyze Opal services. After you deploy the Information Store, you can access the data that it contains by using Analyst's Notebook Premium (ANBP). You will also learn to configure Quick Search and Visual Query.

i2 Enterprise Insight Analysis (EIA) is an enterprise intelligence analysis solution that facilitates information sharing and intelligence production. This course will walk students through an example implementation on how data from an external source, in this case QRadar, data can be extracted, transformed, and loaded in the i2 Enterprise Insight Analysis (EIA).

This course is intended for users who want to programmatically extract data on-demand from the QRadar ariel database and add it to the i2 EIA Information Store.

As part of an IBM i2 Analyze deployment, an iBase connector provides a mechanism for providing users with access to an IBM i2 iBase database. The database becomes available in the Intelligence Portal as a data source that users can select and interact with.

There are two reasons for integrating iBase with a deployment of i2 Analyze. One reason is that you already have an iBase deployment, and you want to retain your data and your data model as you upgrade or migrate to i2 Analyze. The other reason is that you already have a deployment of i2 Analyze 4.1, and you want to use iBase as a way to ingest data from other data sources.

Note: This is an online, interactive lab. You will download and follow
the lab guide using the associated elab. The elab will be available for 4 hours of runtime so be sure to set
aside enough time to complete the lab in one setting. You will only have access to the lab for a 5 day period from
when you start the lab.

Identity Governance and Intelligence enforces segregation of duties (SoD) checks, based on relationships established between the Business Activities (BA) layer and the Role-Based Access Control (RBAC) model.

Companies invest in roles to better model “who-can-do-what”, while auditors do not trust roles; they trust user permissions and assignments. Except for simple scenarios, the number of permission and role combinations to review becomes unmanageable quickly. In this scenario, it is difficult to conduct SoD analysis using roles.

This video and lab demonstrate how Identity Governance and Intelligence enforces segregation of duties (SoD) checks, based on relationships established between the Business Activities (BA) layer and the Role-Based Access Control (RBAC) model.

IGI has a robust and intuitive user interface, divided into two areas. Administration Console is reserved for administrators. Service Center is where the applications for business users are contained.

This lab provides a brief tour of the available applications to help you become familiar with the IGI user interface. Feel free to explore each of the applications in depth and work with the data in any way you like. This is a live and fully functional copy of IGI with more than 2300 sample user records.

In the IBM Identity Governance (IGI) and Intelligence data model, an entitlement identifies a structured set of permissions. Permissions grant to users accesses the resources of an organization. Permissions often have obscure names that make it difficult to understand what they really represent. For these reasons, permissions are grouped into named roles in IGI.

IBM Identity Governance and Intelligence offers a number of approaches for role management, role definition, role consolidation and role mining.

In the role definition approach, the administrator defines a role upon existing knowledge of what that role should contain, simply by adding permissions and other roles. In a role consolidation, you replace a set of common entitlements with a more easily understood role. In role mining, you search for prospect roles in the business organization by seeing what entitlements have already been assigned to users in similar roles leveraging the advanced role mining features of Identity Governance and Intelligence.

This video and lab guides you to discovering the approaches that IGI offers for role management.

In this session presented live at Think 2018, we review the framework built to leverage IBM Security Access Manager (ISAM) REST APIs using Python/Ansible to fully automate all changes to ISAM. This provides an overview for new customers and assists those who are already leveraging this approach.

IBM Cloud Identity Connect is a non-disruptive IDaaS solution that bridges on-premise Identity and Access Management to the cloud. This instructor-led, hands-on lab will take you on a deep-dive technical tour of IBM Cloud Identity Connect. You will start
by creating your own IBM Cloud Identity tenant, and then implement SAML Single Sign-On to a popular SaaS application. You will then explore delegated administration, user and group management, and creation of a hybrid solution with on-premise integration.
Finally, you will see how password-free SaaS access from mobile devices can be achieved via integration with IBM MaaS360.

This learning module demonstrates the integration of IBM Guardium and IBM IGI products to support the GDPR compliance initiative on structure data. The solution provides a custom developed AssemblyLine that runs in IBM Directory Integrator (IDI), and an IBM Identity Governance and Intelligence (IGI) Custom Adapter that requires IBM Directory Server and IDI to run.

The integration goal is to identify GDPR sensitive data using a provided sample database using IBM Guardium. Guardium then exports a report that contains users who have access to tables with GDPR relevant data. Then, the IGI Custom Adapter imports these reports into IGI for further compliance and access management.

The course provides a lab environment where the integration can be tested and demonstrated.

Also, if you do not have time to run the lab, you can review the videos that demonstrate all steps in the lab.

The additional learning section provides a custom AssemblyLine and a custom IGI adapter as-is with no IBM support. You can provide feedback to the Security Learning Academy if you have any issues with the code.

In this advanced lab, you learn how to configure Advanced Laptop and Desktop management services. You manage and distribute Windows patching and app updates for Windows 7 and Windows 10 devices using MaaS360's Unified Endpoint Management capabilities powered by both MaaS360 and BigFix in the IBM Cloud. You learn how to configure settings and review collected data to ensure your devices are secured against risk, threats, and vulnerabilities.

Use IBM QRadar Apps to extend and enhance your current QRadar deployment with new data and ready-to-use use cases. A QRadar app is a means to augment and enrich your current QRadar system with new data and functionality. You can download and install
other shared apps that are created by IBM, its Business Partners, and other QRadar customers.

These labs walk you through advanced troubleshooting for the QRadar software and architecture.

In this set of labs, you will learn how to get processing statistics from the Custom Rules Engine (CRE), determine which processes are using the most QRadar resources, and, create roll up values for time series graphs.

Note: This is an online, interactive lab. You will download and follow the lab guide using the associated elab.

Objectives

Troubleshoot processing issues by using scripts that let you get processing statistics from the CRE and find out what process are using the most QRadar resources.

Troubleshoot issues with accumulated data which is used by reports and the time series graphs used in the Dashboard, Log Activity, and Network Activity for aggregated searches.

This lab demonstrates how to set up management authentication and
authorization for IBM Access Manager. You learn how to configure
external authentication and authorization using LDAP. You also verify
that the different user groups can authenticate with Access Manager and
then test the user’s authorizations.

In this lab, you configure IBM Access Manager to generate and use JSON Web Tokens (JWTs) as OAuth Access Tokens rather than the standard opaque random string tokens that the OAuth server uses by default. JWTs are self-contained strings signed with a secret key. They contain a set of claims that assert an identity and a scope of access, reducing the need to go back and forth to the OAuth server to retrieve this information.

In this course you learn to plan and construct complex, distributed IBM
Directory Server (IDS) environments using several methods. This
course is designed for personnel who are responsible for the deployment,
troubleshooting, and ongoing performance maintenance of IBM Directory
Server distributed environments.Intermediate to advanced knowledge of IBM Directory Server is required.

Distributed directories are essential to the successful deployment of IBM Directory Server (IDS). IDS provides a robust set of replication options you can use. In this course, you learn how to create two server instances and configure and test a simple replication.